Electronic Signature Method and Electronic Signature Tool

ABSTRACT

The present invention provides an electronic signature method and an electronic signature tool. The method includes: outputting verification prompt information; receiving verification confirmation information inputted by a user; checking whether the verification confirmation information matches the verification prompt information, and performing the predetermined electronic signature operation if the verification confirmation information matches the verification prompt information. Through the electronic signature method and the electronic signature tool of the present invention, an attack of other users on the network can be prevented, secure transactions are realized. The method and the tool are used conveniently and can be popularized easily.

FIELD OF THE INVENTION

The present invention relates to the field of electronic technologyapplications, and more particularly, to an electronic signature methodand an electronic signature tool.

BACKGROUND OF THE INVENTION

Because an electronic signature tool (such as USBKEY) can performencryption, signature and authentication for data, many users would usethe electronic signature tool currently when transmitting various dataover the Internet, e.g. when conducting transactions at an E-bank, so asto increase security of data transmission over the Internet.

However, because security of the Internet is relatively poor, computersof the users may be kidnapped by hacker software such as Trojan horse.As a result, even if the users have performed the signature, encryptionor authentication for the transmitted data by using the electronicsignature tool, an attacker (i.e. hacker) still can directly operate theelectronic signature tool through remote control and therebycounterfeiting a transaction, which causes a huge loss to the users.

The existing online transactions generally adopt a patternidentification code manner to prevent an automatic attack of theattacker. Specifically, an online transaction center randomly selects agroup of numbers or letters, displays a picture containing the selectedgroup of data to a user through a computer connected to the Internet,prompts the user to input the numbers or letters displayed, determineswhether the numbers or letters inputted by the user are consistent withthe randomly-selected numbers or letters through comparison, andperforms following operations only when the numbers or letters inputtedby the user are consistent with the randomly-selected numbers orletters.

However, because the number of the randomly-selected numbers or lettersis limited, the attacker may decipher the picture sent by the onlinetransaction center by using exhaust algorithm for comparing pictures, orby directly intercepting the picture. Therefore, the transactionsecurity of the users is threatened.

SUMMARY OF THE INVENTION

In view of the above, an embodiment of the present invention provides anelectronic signature method, which can prevent an attack of other userson the network and can realize security transactions.

An embodiment of the present invention further provides an electronicsignature tool, which can prevent an attack of other users on thenetwork, can realize security transactions, and can be used easily andconveniently and can facilitate popularization.

According to an embodiment of the present invention, the electronicsignature method includes:

-   -   outputting verification prompt information before performing a        predetermined electronic signature operation;    -   receiving verification confirmation information inputted by a        user;    -   checking whether the verification confirmation information        matches the verification prompt information, and performing the        predetermined electronic signature operation if the verification        confirmation information matches the verification prompt        information.

According to another embodiment of the present invention, the electronicsignature tool includes:

-   -   a prompt information generating module, adapted to generate        verification prompt information;    -   an information prompt module, adapted to output the verification        prompt information to a user;    -   a data receiving module, adapted to receive verification        confirmation information inputted by the user; and    -   a predetermined operation processing module, adapted to check        whether the verification confirmation information matches the        verification prompt information, perform a predetermined        electronic signature operation if the verification confirmation        information matches the verification prompt information.

As can be seen from the foregoing electronic signature method andelectronic signature tool, the electronic signature tool first outputsthe verification prompt information to the user, then receives theverification confirmation information inputted by the user, anddetermines whether to perform the predetermined electronic signatureoperation according to the verification confirmation information and theverification prompt information. Therefore, the attack of other users onthe network can be prevented and the security transactions can berealized.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a flowchart illustrating an electronic signature methodaccording to an embodiment of the present invention.

FIG. 2 is a schematic diagram illustrating a structure of an electronicsignature tool according to an embodiment of the present invention.

DETAILED DESCRIPTION OF THE INVENTION

In order to make the purpose, solutions and merit more clear, thepresent invention will be described hereinafter in detail with referenceto accompanying drawings and embodiments.

An embodiment of the present invention provides an electronic signaturemethod. As shown in FIG. 1, the electronic signature method mainlyincludes:

Step 101: An electronic signature tool outputs verification promptinformation to a user when the electronic signature tool is required toperform a predetermined electronic signature operation.

In this embodiment, the predetermined electronic signature operation mayinclude, but is not limited to, any type or several types of thefollowing signature operations: a signature calculation, an encryptioncalculation, a decryption calculation, signature check, key pairgeneration, public key output and key import.

In this step, the verification prompt information may be generated bythe electronic signature tool; or, may be an authentication code, suchas a graphic authentication code, transmitted by an online transactioncenter. Generally, the authentication code transmitted by the onlinetransaction center to the electronic signature tool is encrypted. Inthis case, the electronic signature tool first decrypts the receivedauthentication code and then outputs the decrypted authentication codeas the verification prompt information to the user.

In this step, the electronic signature tool may output the verificationprompt information in many manners, for example, may play theverification prompt information to the user through a voice promptmodule in the electronic signature tool, or may display the verificationprompt information to the user through a display apparatus in theelectronic signature tool, or may simultaneously play and display theverification prompt information to the user through the voice promptmodule and the display apparatus in the electronic signature tool.

Step 102: The electronic signature tool receives verificationconfirmation information inputted by the user.

In this step, the user may input the verification confirmationinformation in many manners. For example, the user may input theverification confirmation information through a keyboard or mouse of acomputer connected with the electronic signature tool and then thecomputer transmits the verification confirmation information to theelectronic signature tool via an interface connecting the electronicsignature tool. For another example, the electronic signature tool maybe configured with an input apparatus, and the user may input theverification confirmation information through the input apparatus of theelectronic signature tool directly. For yet another example, the usermay input the verification confirmation information through cooperationbetween the input apparatus in the electronic signature tool and thekeyboard and mouse of the computer connected with the electronicsignature tool.

Step 103: The electronic signature tool checks whether the verificationconfirmation information inputted by the user matches the verificationprompt information. If they match, the electronic signature toolperforms the predetermined electronic signature operation; otherwise,the electronic signature tool refuses performing the predeterminedelectronic signature operation.

In this step, checking whether the verification confirmation informationinputted by the user matches the verification prompt information may be:checking whether the verification confirmation information is the sameas the verification prompt information, or checking whether theverification confirmation information and the verification promptinformation comply with a predetermined matching condition.

Specifically, the predetermined matching condition may include: anencryption/decryption rule with which the verification confirmationinformation and the verification prompt information comply; or, analgorithm with which the verification confirmation information and theverification prompt information comply, for example, a certain operation(e.g. square, reverse order, multiples or a certain difference) withwhich the verification confirmation information and the verificationprompt information comply.

As can be seen, the electronic signature method in this embodiment isapplicable to the electronic signature tool with an information promptfunction (e.g. a voice playing function and/or a display function). Whenthe user adopts the electronic signature tool to perform somepredetermined electronic signature operations, the electronic signaturetool takes a group of data (including numbers and/or letters) generatedrandomly by itself or take the authentication code received from theonline transaction center as the verification prompt information, andprompts the user for the group of data or the authentication codethrough the information prompt function of the electronic signaturetool. After hearing or seeing the prompt of the electronic signaturetool, the user inputs the verification confirmation information throughthe computer connected with the electronic signature tool or through theinput apparatus of the electronic signature tool. Afterward, theelectronic signature tool checks whether the verification confirmationinformation matches the verification prompt information, and performsthe subsequent predetermined electronic signature operation only whenthey match. Thereby, possibility and feasibility of any outside attackscan be eliminated.

An embodiment of the present invention further provides an electronicsignature tool. As shown in FIG. 2, the electronic signature tool mainlyincludes: a prompt information generating module, an information promptmodule, a data receiving module and a predetermined operation processingmodule.

The prompt information generating module is adapted to generateverification prompt information.

The information prompt module is adapted to output the verificationprompt information generated by the prompt information generating moduleto a user.

The data receiving module is adapted to receive verificationconfirmation information inputted by the user.

The predetermined operation processing module is adapted to checkwhether the verification confirmation information from the datareceiving module matches the verification prompt information generatedby the prompt information generating module, perform a predeterminedelectronic signature operation if they match, and refuse performing thepredetermined electronic signature operation if they do not match. Thepredetermined operation processing module may include an informationchecking sub-module and a predetermined operation performing sub-module,adapted to perform the above information matching function and theelectronic signature function respectively.

In this embodiment, the prompt information generating module mayrandomly generate the verification prompt information, or may generatethe verification prompt information according to an authentication codetransmitted by an online transaction center. If the authentication codetransmitted by the online transaction center is encrypted, the promptinformation generating module first decrypts the received authenticationcode and then generates the verification prompt information. In the caseof generating the verification prompt information according to theauthentication code transmitted by the online transaction center, thedata receiving module is further adapted to receive the authenticationcode transmitted by the online transaction center.

As described above, the user may input the verification confirmationinformation through a keyboard or mouse of a computer connected with theelectronic signature tool, or the user may input the verificationconfirmation information through the electronic signature tool directly.In the latter case, the electronic signature tool may further beconfigured with an input apparatus, such as a keyboard or amulti-directional operation handle.

In addition, the information prompt module may output the verificationprompt information to the user in various manners. For example, theinformation prompt module may include a voice prompt module, adapted tooutput the verification prompt information to the user by way of voiceprompting. For another example, the information prompt module mayinclude a display apparatus, adapted to output the verification promptinformation to the user by way of screen displaying. For yet anotherexample, the information prompt module may include both the voice promptmodule and the display apparatus, adapted to output the verificationprompt information to the user by way of voice prompting and screendisplaying at the same time.

As can be seen, through the electronic signature tool in thisembodiment, the predetermined electronic signature operation isperformed only when the verification confirmation information inputtedby the user matches the verification prompt information outputted by theelectronic signature tool. Therefore, the possibility that theelectronic signature tool is kidnapped and controlled remotely can becompletely eliminated. Meanwhile, a venture of being deciphered by theoutside can also be eliminated and thus the security of electronictransactions of a user is increased greatly.

In addition, the electronic signature tool in this embodiment may beobtained by making a small change to conventional electronic signaturetools and need not meet special requirements. Therefore, the electronicsignature tool in this embodiment has advantages, such as convenientimplementation, lower costs, strong universality and practicability,etc, and can be popularized and used conveniently.

The foregoing is only embodiments of the present invention. Theprotection scope of the present invention, however, is not limited tothe above description. Any change or substitution, easily occurring tothose skilled in the art, should be covered by the protection scope ofthe present invention.

1. An electronic signature method, comprising: outputting verificationprompt information before performing a predetermined electronicsignature operation; receiving verification confirmation informationinputted by a user; checking whether the verification confirmationinformation matches the verification prompt information, and performingthe predetermined electronic signature operation if the verificationconfirmation information matches the verification prompt information. 2.The method of claim 1, wherein outputting the verification promptinformation comprises: randomly generating a group of data as theverification prompt information and outputting the verification promptinformation.
 3. The method of claim 1, wherein outputting theverification prompt information comprises: decrypting an authenticationcode encrypted and transmitted by an online transaction center, takingthe authentication code decrypted as the verification promptinformation, and outputting the verification prompt information.
 4. Themethod of claim 1, wherein outputting the verification promptinformation comprises: outputting the verification prompt information byway of voice prompting.
 5. The method of claim 1, wherein outputting theverification prompt information comprises: outputting the verificationprompt information by way of screen displaying.
 6. The method of claim4, wherein outputting the verification prompt information comprises:outputting the verification prompt information by way of screendisplaying.
 7. The method of claim 1, wherein checking whether theverification confirmation information matches the verification promptinformation comprises: checking whether the verification confirmationinformation is the same as the verification prompt information.
 8. Themethod of claim 1, wherein checking whether the verificationconfirmation information matches the verification prompt informationcomprises: checking whether the verification confirmation informationand the verification prompt information comply with a predeterminedmatching condition.
 9. The method of claim 8, wherein the predeterminedmatching condition comprises: an encryption/decryption rule with whichthe verification confirmation information and the verification promptinformation comply; or, an algorithm with which the verificationconfirmation information and the verification prompt information comply.10. The method of claim 1, wherein the predetermined electronicsignature operation comprises at least one of: a signature calculation,an encryption calculation, a decryption calculation, signature check,key pair generation, public key output and key import.
 11. The method ofclaim 1, further comprising: refusing performing the predeterminedelectronic signature operation if the verification confirmationinformation does not match the verification prompt information.
 12. Anelectronic signature tool, comprising: a prompt information generatingmodule, adapted to generate verification prompt information; aninformation prompt module, adapted to output the verification promptinformation to a user; a data receiving module, adapted to receiveverification confirmation information inputted by the user; and apredetermined operation processing module, adapted to check whether theverification confirmation information matches the verification promptinformation, perform a predetermined electronic signature operation ifthe verification confirmation information matches the verificationprompt information.
 13. The tool of claim 12, wherein the data receivingmodule is further adapted to receive an authentication code encryptedand transmitted by an online transaction center, and transmit theauthentication code to the prompt information generating module; theprompt information generating module is adapted to decrypt theauthentication code and take the authentication code decrypted as theverification prompt information.
 14. The tool of claim 12, wherein thedata receiving module comprises an input apparatus through which theuser inputs the verification confirmation information.
 15. The tool ofclaim 12, wherein the information prompt module comprises: a voiceprompt module, adapted to output the verification prompt information byway of voice prompting.
 16. The tool of claim 12, wherein theinformation prompt module comprises: a display apparatus, adapted tooutput the verification prompt information to the user by way of screendisplaying.
 17. The tool of claim 14, wherein the information promptmodule comprises: a display apparatus, adapted to output theverification prompt information to the user by way of screen displaying.18. The tool of claim 12, wherein the predetermined operation processingmodule comprises: an information checking sub-module, adapted to checkwhether the verification confirmation information matches theverification prompt information; and a predetermined operationperforming sub-module, adapted to perform the predetermined electronicsignature operation if the verification confirmation information matchesthe verification prompt information; refuse performing the predeterminedelectronic signature operation if the verification confirmationinformation does not match the verification prompt information.